# Google

Use these instructions to set up Google as your SSO provider for Tonic Textual.

## **Create an OAuth 2.0 client ID in Google** <a href="#sso-google-oauth-client" id="sso-google-oauth-client"></a>

1. Go to <https://console.developers.google.com/apis/credentials>
2. Click **Create credentials**, located near the top.
3. Select **OAuth client ID**.
4. Select **Web application** as the application type.
5. Choose a name.
6. Under **Authorized redirect URIs**, add the URL of the Textual server with the endpoint `/sso/callback/google`.\
   \
   For example, a local Textual server at `http://localhost:3000` would need `http://localhost:3000/sso/callback/google` to be set as the redirect URI.\
   \
   Also note that internal URLs might not work.
7. On the confirmation page, note the client ID and client secret. You will need to provide them to Textual.

## **Textual configuration** <a href="#sso-google-textual-config" id="sso-google-textual-config"></a>

After you complete the configuration in Google, you uncomment and configure the required [environment variables](https://docs.tonic.ai/textual/textual-install-administer/configuring-textual/textual-env-var-configure) in Textual.

* The client ID
* The client secret

For Kubernetes, in **values.yaml**:

```
# Google SSO Config
# -----------------
#googleClientId: <client-id>
#googleClientSecret: <client-secret>
#googleGroupFilterRegex: <regular expression to identify allowed groups>
```

For Docker, in **.env**:

```
#SOLAR_SSO_GOOGLE_CLIENT_ID=#<client ID>
#SOLAR_SSO_GOOGLE_CLIENT_SECRET=#<client secret>
#SOLAR_SSO_GOOGLE_GROUP_FILTER_REGEX=#<regular expression to identify allowed groups>
```